ESLint v6.2.1 released

We just pushed ESLint v6.2.1, which is a patch release upgrade of ESLint. This release includes a security fix in the eslint-utils package, which is a dependency of ESLint. The security issue affects users that run ESLint on untrusted source code (e.g. servers that lint the user’s project as a service). By taking advantage of a bug in a certain piece of analysis, a user could supply malicious source text that causes arbitrary code to be executed in the linting process.


Dependency Upgrades